SQL Server Management Studio (SSMS), Report Server, and Report Manager don't connect to the database engine after you apply the fix for SQL Server 2008, 2008 R2, 2012, or 2014. Report Server and Report Manager fail and return the following error message:
The report server cannot open a connection to the report server database. A connection to the database is required for all requests and processing. (rsReportServerDatabaseUnavailable)
This issue occurs because SSMS, Report Manager, and Reporting Services Configuration Manager use ADO.NET, and ADO.NET support for TLS 1.2 is available only in the .NET Framework 4.6. For earlier versions of the .NET Framework, you have to apply a Windows update so that ADO.NET can support TLS 1.2 communications for the client. The Windows updates that enable TLS 1.2 support in earlier versions of .NET framework are listed in the table in the "How to know whether you need this update" section.
Reporting Services Configuration Manager reports the following error message even after client providers have been updated to a version that supports TLS 1.2:
Could not connect to server: A connection was successfully established to the server, but then an error occurred during the pre-login handshake.
To resolve this problem, manually create the following registry key on the system that hosts the Reporting Services Configuration Manager:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client : "Enabled"=dword:00000001
The encrypted endpoint communication that uses TLS 1.2 fails when you use encrypted communications for Availability Groups or Database Mirroring or Service Broker in SQL Server. An error message that resembles the following is logged in the SQL Error log:
Connection handshake failed. An OS call failed: (80090331) 0x80090331(The client and server cannot communicate, because they do not possess a common algorithm.). State 56.
For more information about this issue, see FIX: The encrypted endpoint communication with TLS 1.2 fails when you use SQL Server.
An encrypted connection with Database Mirroring or Availability Groups does not work when you use a certificate after you disable all other protocols other than TLS 1.2. An error message that resembles the following is logged in the SQL Server Error log:
An encrypted connection with Database Mirroring or Availability Groups does not work when you use a certificate after you disable all other protocols other than TLS 1.2. You may notice one of the following symptoms:
A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 1205.
An TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
This issue occurs because Availability Groups and Database Mirroring require a certificate that does not use fixed length hash algorithms, such as MD5. Fixed length hashing algorithms are not supported in TLS 1.2.
The following SQL Server database engine versions are affected by the intermittent service termination issue that is reported in Knowledge Base article 3146034. For customers to protect themselves from the service termination issue, we recommend that they install the TLS 1.2 updates for Microsoft SQL Server that are mentioned in this article if their SQL Server version is listed in the following table.
SQL Server release
SQL Server 2008 R2 SP3 (x86 and x64)
SQL Server 2008 R2 SP2 GDR (IA-64 only)
SQL Server 2008 R2 SP2 (IA-64 only)
SQL Server 2008 SP4 (x86 and x64)
SQL Server 2008 SP3 GDR (IA-64 only)
SQL Server 2008 SP3 (IA-64 only)